Security concepts to consider when using a computer
-
Upload
miguel-angel-romero-ochoa -
Category
Technology
-
view
31 -
download
0
Transcript of Security concepts to consider when using a computer
2015
M.I.S.T. Miguel Ángel Romero Ochoa
Universidad de Sonora
25-6-2015
SECURITY CONCEPTS TO CONSIDER WHEN USING THE
COMPUTER
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
INDEX
SECURITY CONCEPTS TO CONSIDER WHEN USING THE COMPUTER ............................ 3
SAFETY ON THE INTERNET ............................................................................ 4
Risks of web surfing ............................................................................................. 4
Adware .............................................................................................................. 4
Malware ............................................................................................................ 4
Phishing ............................................................................................................ 4
Spam ................................................................................................................ 4
Spyware ............................................................................................................ 4
Virus.................................................................................................................. 4
Hackers and crackers ....................................................................................... 5
Trojan ................................................................................................................ 5
PROTECTION SYSTEMS ............................................................................... 6
Local protection systems ...................................................................................... 6
Perimetric protection systems and safe navigation .............................................. 8
Parental control systems ...................................................................................... 9
TIPS TO MINIMIZE THE RISKS OF WEB SURFING .................................................... 9
Tips for safe navigation ........................................................................................ 9
Tips fo the safe use of email ................................................................................ 9
Tips for safe online shopping ............................................................................. 11
Safety suggestions in social networks ................................................................ 13
REFERENCES ..........................................................................................15
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
SECURITY CONCEPTS TO CONSIDER WHEN USING A COMPUTER
The feeling of anonymity, the need to relate to other people, the number of attainable
services available to young people, among others, are factors to keep in mind and
which require safety measures.
Evidently, the problem with security in data and information services has been a
concern since the very origins of these systems
While today it is almost impossible to consider computer equipment as an isolated
entity, if we consider the computer as an individual element there are only three
elements that we will have to emphasize to avoid safety gaps:
Impede local access to the system by undesirables.
Impede the contamination of the system from dangerous elements that could
damage or slow its performance, and which take advantage primarily of portable
storage systems (USB memory cards, SD cards, portable external hard drives)
and/or communication systems.
Avoid security gaps by keeping the computer system, its operating system and
the programs that we may use up to date.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
SAFETY ON THE INTERNET
Safety on the Internet is a fundamental challenge in these
times. Access to the Web has generalized and with it the
risks and threats have increased. Youth that access the
Web from their houses and school are especially
vulnerable victims.
RISKS OF WEB SURFING
The security risks in computer equipment connected to the Internet can be classified
according to the target of the attack:
Adware: Malicious code that shows unsolicited advertisement in your computer.
Malware: Derived from Malicious softWare, it’s a general term that includes any type
of malware: “Trojans”, “worms”, “spyware”, “adware”, etc. that infiltrate a computer
without the user’s permission and which are designed to damage the computer, to
gather information or to allow the computer to be controlled and use it to send spam
(unwanted mail), etc.
Phishing: Some people’s attempt to pose as a business in order to deceive and
obtain personal information.
Spam (unwanted mail): Unsolicited mail that tries to sell you something. Also
known as junk mail.
Spyware: It’s a spy software that uses your connection to the Internet to gather
personal information without your consent or knowledge and sends it to the person
who wrote the spyware program. Just like adware, spyware is often installed when
‘freeware’ or ‘shareware’ programs are downloaded. The spyware can look at your
bank statement, personal information, etc. It is illegal and generalized.
Virus: A computer program that can duplicate and extend from one computer to
another.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
Hackers and crackers: The individuals behind the attacks on security we’ve
described before are Hackers and Crackers. Hackers look for security gaps with the
purpose of exploiting them in order to gain access to seemingly secure systems. Not
to be confused with Crackers, whose main goal is to breach the system for criminal
purposes, Hackers, at least at their starting point, pursue the personal prestige that
stems from being capable of finding a way into highly protected systems.
Trojan: It is a malicious software that shows itself to the user as a seemingly
legitimate and harmless program but once it starts to run, it gives an attacker remote
access to the infected system. Trojans can do different tasks, but in the majority of
cases they allow remote administration (from the outside) of your computer to an
unauthorized user.
A Trojan isn’t a virus in itself, even when theoretically it can be distributed and work
as one. The main difference between a Trojan and a virus is its finality. For a program
to be a “Trojan” it only needs to access and control a remote computer without being
noticed, usually under a hidden appearance. On the contrary of a virus, which is a
destructive guest, the Trojan doesn’t necessarily damage anything because that’s
not its purpose.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
PROTECTION SYSTEMS
LOCAL PROTECTION SYSTEMS
From the point of view of our computer protection, there are three basic aspects to
keep in mind, easy to implement and which will substantially better our security
experience:
1.- Keep the operating system and the installed software up to date
To avoid possible security gaps in the
system that derive from the weaknesses
mentioned before, it is key that we keep our
system and the installed software
permanently updated. To do so, nowadays,
the automatic update system in computer
equipment and operating systems makes that task easier for us since it detects
autonomously our systems’ configurations and the need to update, just as it happens
with the majority of the installed programs.
2.- Periodically change the password to access the system
Whatever method it may be, if a user obtains the access codes to a system, they will
have free rein to work with it without our consent.
To minimize the risks that derive from this, the system’s access code has to be
changed frequently, using for its configuration a length of at least 6 alphanumeric
characters mixing up capital with lower case
letters, numbers and symbols like %, & o $.
Evidently, we must avoid words with a common
significance and relation to our immediate
surroundings and not leave them within anyone’s
reach in the proximity of the computer.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
There are many different ways of creating long and complex passwords. Here, we
give you some suggestions that may help you remember your password easily:
What to do Example
Begin with a phrase or two I must create a complex password
Erase the spaces Imustcreateacomplexpassword
Abbreviate words or intentionally misspell one of
them
ImstkrtACompxPswrd
Add numbers so the password will be longer. Add
numbers and symbols with personal significance at
the end of your password
ImstkrtACompxPswrd1508$90%
After creating your password, you can check how secure it is by using a password
security checker. Microsoft offers a tool to check how secure your password is.
Avoid putting up password with the following structure:
Sequences or repeated characters, such as 123456, abcde, among others.
Personal information: your name, date of birth, your initials, among others.
Since in today’s age it is habitual to have multiple usernames and passwords to
access not only the local equipment but to several websites as well, there are
programs that help us remember them, such as Password Genie, Splash Id,
RoboForm’s, KeePass, Norton Password Manager, among others.
In actuality, cryptographic card and, above all, the widespread use of electronic ID
allow the storing of digital certificates needed in the majority of websites (electronic
bank, administration services, etc.), increasing with it the security and privacy levels
that can be applied to the computer equipment and for Internet navigation.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
3.- Install an antivirus and keep it updated
Antivirus programs permanently monitor
the system, looking for running or latent
malware in order to ID it, sound the alarm
and, if it were possible, clean the
equipment or at least try to isolate the
virus. There are several antivirus systems
from different enterprises and some free
solutions yet it is difficult to establish which
one from them all is the best given that
comparisons made by specialized magazines use very diverse evaluation
parameters and are not immune to these solution-exploiting companies’ influence.
PERIMETRIC PROTECTION SYSTEMS AND SAFE NAVIGATION
Installing a firewall is another effective way you can take to protect your computer
from threats. A firewall filters Internet traffic before it gets to a computer or private
net. It also offers additional protection against threats, like hackers and virus.
Moreover, a firewall guarantees the computer’s privacy as it restricts external access
to the computer from any unauthorized user.
Firewalls are based on access control lists that
determine which addresses and/or programs are
allowed Internet access (white lists) and which ones
are denied it (black lists).
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
PARENTAL CONTROL SYSTEMS
Based on aforementioned filtering systems, these are systems designed to
guarantee a safe experience for children, teens, and young adults. The same web
browsers (Internet Explorer, Firefox, Safari, etc.) provide their own parental control
system.
The control filters verify all information packets
that run through the web, analyzing them with
established security patterns and blocking them
in the case that they’re found to contain
unwanted information, according to the
boundaries marked by the administrators or the
people responsible for the systems.
TIPS FOR MINIMIZING THE RISKS OF WEB SURFING
TIPS FOR SAFE NAVIGATION
1. To stave off virus, download files from trusted sites only.
2. Download programs from their official websites to avoid spoofing.
3. With an antivirus, analyze everything you download before running it.
4. Keep your browser and operating system updated to protect them against the
latest threats.
5. Use URL analyzers as support to make sure a website can be trusted.
6. Delete from your browser your search history, cookies and temporary Internet
files.
7. Be careful with the passwords you save on your browser.
TIPS FOR THE SAFE USE OF EMAIL
1. Don’t trust emails from unknown senders; when in doubt, delete it.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
2. Don’t open suspicious attachments from unknown senders or ones that you
didn’t ask for.
3. Use the antispam filter and mark the unwanted emails as junk mail.
4. Be careful with the password recovery mechanism, use a question that only
you know the answer to.
5. Analyze the attachments with an antivirus before running them in your system.
6. Deactivate the preview and HTML viewing on your email account to avoid any
malicious code that may be included in a message.
7. Don’t give out your email account to strangers.
8. Do not respond to fake massages or to chain mail to keep your email address
from being broadcast.
9. When you send or forward messages to multiple recipients use the hidden
carbon copy –CC or BCC- to introduce the addresses.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
TIPS FOR SAFE ONLINE SHOPPING
1. Use websites you know: Start in a safe site instead of shopping using a search
browser
2. Look for the Padlock: Never buy anything online with your credit card in a
website that doesn’t have at least SSL encryption (secure sockets layer) installed.
You can tell when a website has SSL encryption because its URL will begin with
HTTPS:// (instead of just HTTP://). A locked padlock icon will appear, generally in
the status bar at the bottom of your web browser or just beside the URL in the
address bar.
3. Look for a third party’s seal of approval: Only companies can exhibit these
seals in their sites if they meet to a set of rigorous standards on, for example, how
personal information can be used. You must look for two seals.
If you find the seals, click on them to make
sure they take you to the organizations that
created them. Some unscrupulous sellers
exhibit these logos on their websites without
consent.
4. Don’t say everything: No online shop
needs your Social Security number or your birthday to do business. Give out the
least amount of information whenever possible.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
5. Verify your bank statements: Go on the Internet frequently and search for the
bank statements for your credit and debit cards as well as your checking account. If
you see anything wrong, pick up the phone and immediately take care of the
problem.
6. Vaccinate your computer: You need to be protected
against malware with regular updates to your antivirus.
7. Use secure passwords: We want to strongly emphasize
that you make sure to use secure passwords, but even more
importantly, you want a secure password when dealing with banks or shopping
online.
8. Use mobile communications: There’s no need to worry more when shopping
with a mobile device than through the Internet. The trick is to use the applications
provided directly by the shops, like Amazon, Target, etc.
9. Avoid public computers and networks: Hopefully there’s no need to say that
shopping on a public computer is a bad idea, but we’ll do it anyways. If you do, just
remember to log out of your account every time you use a public computer, even if
it is just to check your email.
10. Privatize your Wi-Fi: If you choose to shop with your mobile computer, you’ll
need a wireless connection. Only use the wireless connection if it has access to the
Internet through a VPN (virtual private network) connection.
11. Careful with gift cards: Gift cards are the most asked-for present at parties and
this year won’t be the exception. Go for the provider when you buy one, as con men
like to sell empty or near-empty gift cards on sites like eBay.
12. Know what is too good to be true: In the majority of cases, skepticism is what
can save you from getting your card number stolen.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
SECURITY TIPS ON SOCIAL NETWORKS
Social media websites like MySpace, Facebook, Twitter and Windows Live Spaces
are services that can be used by people to connect with others and share information
like photographs, videos and personal messages. As their popularity grows, so do
the risks of their use.
1. Be careful when clicking on links you’ve received in messages from your
friends on your social media website. Treat these links as you would do the links on
email messages.
2. Know what you’ve published about yourself. A common way hackers use to
access your bank or other types of accounts is clicking on the "Forgot your
password?" link on the account’s homepage. To gain entry to your account without
authorization, they look for the answers to your security questions, like your birthday,
the city you were born in, your high school graduating class or mother’s maiden
name.
3. Don’t trust that a message really comes from whom it says it does. Hackers
can go into people’s accounts unauthorized and send messages that look like they
were sent from friends but they’re not. If you have a hunch about a message being
bogus, use an alternate method to contact your friend and investigate.
4. To avoid giving email addresses to your friends, don’t allow social media
services to check your email address book. When you join a new social network,
it’s possible that you may receive an offer to introduce your email address and your
password to know if your contacts are on this website. The website may use this
information to send messages with that email address to everyone on your contacts
list or even to someone that at any one time you’ve sent an email to. Social media
websites should explain what they’ll do with the information you’ve provided, but
some don’t do it.
5. Type out on your browser your social media URL or use your personal
markers. If you click on a link to your social media through emails or other websites,
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
it is possible for you to enter your username and password on a fake site where your
information can be stolen.
6. Be selective when it comes to who you accept as a friend on a social media
platform. Identity thieves can create fake profiles to obtain information from you.
7. Carefully choose your social network. Evaluate the site you plan to use and
make sure you understand the privacy policy. Investigate if the site monitors the
content that people publish. You will give this site your personal information, so use
the same criteria that you would use when selecting a site that makes use of your
credit card.
8. Assume that everything you post on a social media site is permanent. Even
if you can erase your account, any person on the Internet can easily print photos or
text or save images and videos in a computer.
9. Be careful when installing additional functions on your social media site. A
lot of social media networks allow you to download applications from third parties
which let you do more with your personal website. To safely download and use third-
party applications, take the same safety precautions that you would when
downloading any other program or file from the Internet.
Miguel Ángel Romero Ochoa Espacio educativo NTIC Universidad de Sonora
Traducción: Edna Mónica López Ceballos
“Security concepts to consider when using a computer” is licensed under a Creative Commons Attribution-NonCommercial-
NoDerivatives 4.0 International License.
REFERENCES
Aspectos básicos del Internet y seguridad cibernética. Technology expertise, Access &
learning for all Texans. Recuperado de:
https://www.tsl.texas.gov/sites/default/files/public/tslac/u34/Internet%20y%20Seguridad%20Cibern%C3%A9tica.pdf
Seguridad en Internet. Recursos Tic. Recuperado de:
http://recursostic.educacion.es/observatorio/web/es/component/content/article/805-monografico-seguridad-en-internet
Cree contraseñas seguras. Microsoft. Recuperado de:
http://www.microsoft.com/es-xl/security/online-privacy/passwords-create.aspx
Cómo comprar en línea de forma más segura. Microsoft. Recuperado de:
http://www.microsoft.com/es-xl/security/online-privacy/online-shopping.aspx